Greencore
asked on
Windows server 2003 Zone transfer configuration reccomendations anyone?
Hello all,
we have a 3 subdomain environment as follows:
gcg.net - root dc (does very little) !
cs.gcg.net - central services (the core servers at the datacentre)
gc3.cs.gcg.net - sites (end users across uk/europe/america)
I am a little dubious about the configuration that we have regarding zone transfers for our subnets...
All of gc3 appears to be absolutely fine - 1 x reverse lookup zone per site with zone transfers enabled to each server in the name servers tab. The name servers tab is populated with gc3 servers only
In the CS domain, I do not have all the reverse lookup zones added that exist in the gc3 domain - I do, however randomly have some that have been added. Although I have not idea why - or whether they should all be added from the gc3.cs.gcg.net domain
Each site has its own local DNS server holding a copy of the gc3.cs.gcg.net zone, and a copy of all the reverse lookup zones for that domain
Clients on site at any gc3.cs.gcg.net location need to be able to resolve any cs.gcg.net machine - which they are able to via the forwarders configuration within DNS
cs.gcg.net central servers need to be able to resolve all gc3.cs.gcg.net machines
When I look at the reverse lookup zones in the cs.gcg.net domain that HAVE alrready been added, zone transfers are disabled
When I look at the same reverse lookup zones in gc3.cs.gcg.net they are all enabled (by me) and working
I'm at a bit of a loss as to what reverse lookup zones should be added in cs.gcg.net and what zone transfers should be allowed between where
The authorative DNS servers for each domain are as follows:
gck23s009.gc3.cs.gcg.net (root DC for gc3.cs.gcg,net)
gck23s002.cs.gcg.net (DC1 for cs.gcg.net)
gck23s002.cs.gcg.net (Root DC for cs.gcg.net)
All advice greatly appreciated...
we have a 3 subdomain environment as follows:
gcg.net - root dc (does very little) !
cs.gcg.net - central services (the core servers at the datacentre)
gc3.cs.gcg.net - sites (end users across uk/europe/america)
I am a little dubious about the configuration that we have regarding zone transfers for our subnets...
All of gc3 appears to be absolutely fine - 1 x reverse lookup zone per site with zone transfers enabled to each server in the name servers tab. The name servers tab is populated with gc3 servers only
In the CS domain, I do not have all the reverse lookup zones added that exist in the gc3 domain - I do, however randomly have some that have been added. Although I have not idea why - or whether they should all be added from the gc3.cs.gcg.net domain
Each site has its own local DNS server holding a copy of the gc3.cs.gcg.net zone, and a copy of all the reverse lookup zones for that domain
Clients on site at any gc3.cs.gcg.net location need to be able to resolve any cs.gcg.net machine - which they are able to via the forwarders configuration within DNS
cs.gcg.net central servers need to be able to resolve all gc3.cs.gcg.net machines
When I look at the reverse lookup zones in the cs.gcg.net domain that HAVE alrready been added, zone transfers are disabled
When I look at the same reverse lookup zones in gc3.cs.gcg.net they are all enabled (by me) and working
I'm at a bit of a loss as to what reverse lookup zones should be added in cs.gcg.net and what zone transfers should be allowed between where
The authorative DNS servers for each domain are as follows:
gck23s009.gc3.cs.gcg.net (root DC for gc3.cs.gcg,net)
gck23s002.cs.gcg.net (DC1 for cs.gcg.net)
gck23s002.cs.gcg.net (Root DC for cs.gcg.net)
All advice greatly appreciated...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.